07-28-2020 05:30 AM
Hi,
I am trying to capture encrypted traffic between two MACsec enabled switches (manual mode), I put the secured interfaces as a source but I can see clear test capture even though I can see that the links are secured.
I am using 6504 switches with WS-X6908-10G line cards and using monitor capture feature - when I am exporting the captured buffer to Wireshark I can see all payload content.
my thought is that the capture point is before the encryption and decryption take place since those are PHY to PHY based.
Am I right?
Solved! Go to Solution.
07-29-2020 12:14 AM
07-29-2020 12:14 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide